1 GNU SASL LIBRARY NEWS -- History of user-visible changes.
2 Copyright (C) 2002-2012 Simon Josefsson
3 See the end for copying conditions.
5 * Version 1.8.0 (released 2012-05-28) [stable]
7 ** This is a new major stable release. Brief changes compared to 1.6.x:
9 *** SAML20 support following RFC 6595.
11 *** OPENID20 support following RFC 6616.
13 *** Various cleanups, portability and other bug fixes.
14 See the NEWS entries during the 1.7.x branch for details.
16 ** API and ABI modifications.
17 No changes since last version.
19 * Version 1.7.6 (released 2012-05-23) [beta]
21 ** i18n: Updated translations.
23 ** API and ABI modifications.
24 No changes since last version.
26 * Version 1.7.5 (released 2012-05-22) [beta]
28 ** i18n: Updated translations.
32 ** API and ABI modifications.
33 No changes since last version.
35 * Version 1.7.4 (released 2012-05-16) [alpha]
37 ** libgsasl: Reverted unification of OpenID and SAML properties/callbacks.
38 The reason was that client and servers needs to know whether it is
39 SAML or OpenID that is used, and using the same property and callback
40 symbol for both makes this more difficult.
42 ** i18n: Updated translations.
44 ** GSS-API server: Don't output zero-length tokens on context init success.
45 Reported by Andreas Oberritter <obi@saftware.de>.
47 ** GSS-API server: Only proceed to next step when context is established.
48 Reported by Andreas Oberritter <obi@saftware.de>.
50 ** Rewrote DIGEST-MD5 code to avoid false positive complaint from valgrind.
52 ** Update gnulib files.
54 ** API and ABI modifications.
55 GSASL_REDIRECT_URL: Removed.
56 GSASL_OPENID20_REDIRECT_URL: Added.
57 GSASL_SAML20_REDIRECT_URL: Added.
58 GSASL_AUTHENTICATE_IN_BROWSER: Removed.
59 GSASL_SAML20_AUTHENTICATE_IN_BROWSER: Added.
60 GSASL_OPENID20_AUTHENTICATE_IN_BROWSER: Added.
62 * Version 1.7.3 (released 2012-04-03) [alpha]
64 ** libgsasl: The SAML20 mechanism is now enabled by default.
66 ** libgsasl: The SAML20 mechanism was updated to draft -09.
67 There was a minor protocol change, the final client response is now
68 "=" instead of the empty string.
70 ** libgsasl: Unified some of the SAML and OpenID callbacks/properties.
71 See API changes below.
73 ** API and ABI modifications.
74 GSASL_REDIRECT_URL: Added, replaces the next two properties.
75 GSASL_OPENID20_REDIRECT_URL: Removed.
76 GSASL_SAML20_REDIRECT_URL: Removed.
77 GSASL_AUTHENTICATE_IN_BROWSER: Added, replaces the next two callbacks.
78 GSASL_SAML20_AUTHENTICATE_IN_BROWSER: Removed.
79 GSASL_OPENID20_AUTHENTICATE_IN_BROWSER: Removed.
81 * Version 1.7.2 (released 2012-03-28) [alpha]
83 ** libgsasl: Updated OPENID20 implementation.
84 Now following draft-ietf-kitten-sasl-openid-08.
86 ** API and ABI modifications.
87 GSASL_OPENID20_REDIRECT_URL: Added, new property.
88 GSASL_OPENID20_OUTCOME_DATA:: Added, new property.
89 GSASL_OPENID20_AUTHENTICATE_IN_BROWSER: Added, new callback.
90 GSASL_VALIDATE_OPENID20: Added, new callback.
91 GSASL_NO_OPENID20_REDIRECT_URL: Added, new error code.
92 GSASL_OPENID20_AUTH_IDENTIFIER: Removed, use GSASL_AUTHID instead.
93 GSASL_NO_OPENID20_AUTH_IDENTIFIER: Removed error code.
95 * Version 1.7.1 (released 2012-02-09) [alpha]
97 ** libgsasl: Implement OPENID20 mechanism for OpenID authentication.
98 Following draft-ietf-kitten-sasl-openid-03.
100 ** libgsasl.pc: Add a Libs.private.
101 Reported by Volker Grabsch <vog@notjusthosting.com>.
103 ** Demand gettext >= 0.18.1 in order to get newer M4 files.
104 The old M4 files associated with 0.17 caused problems on Solaris,
105 which will hopefully be fixed with this. Reported by Dagobert
106 Michelsen <dam@opencsw.org>.
108 ** i18n: Updated translations.
110 ** API and ABI modifications.
111 GSASL_CB_TLS_UNIQUE: Added, new property.
112 GSASL_OPENID20_AUTH_IDENTIFIER: Added, new property.
113 GSASL_NO_CB_TLS_UNIQUE: Added, new error code.
114 GSASL_NO_OPENID20_AUTH_IDENTIFIER: Added, new error code.
116 * Version 1.7.0 (released 2010-10-22) [alpha]
118 ** SAML20: Implement new mechanism.
119 Implements draft-ietf-kitten-sasl-saml-01. See tests/saml20.c for a
120 self test that illustrate how the mechanism is intended to be used in
121 both client and server mode.
123 ** API and ABI modifications.
124 GSASL_NO_SAML20_IDP_IDENTIFIER: ADDED.
125 GSASL_NO_SAML20_REDIRECT_URL: ADDED.
126 GSASL_SAML20_IDP_IDENTIFIER: ADDED.
127 GSASL_SAML20_REDIRECT_URL: ADDED.
128 GSASL_SAML20_AUTHENTICATE_IN_BROWSER: ADDED.
129 GSASL_VALIDATE_SAML20: ADDED.
131 * Version 1.6.1 (released 2011-05-01) [stable]
133 ** libgsasl.pc: Add a Libs.private.
134 Reported by Volker Grabsch <vog@notjusthosting.com>.
136 ** build: Demand gettext >= 0.18.1 in order to get newer M4 files.
137 The old M4 files associated with 0.17 caused problems on Solaris,
138 which will hopefully be fixed with this. Reported by Dagobert
139 Michelsen <dam@opencsw.org>.
141 ** i18n: Updated translations.
143 ** API and ABI modifications.
144 No changes since last version.
146 * Version 1.6.0 (released 2010-12-14) [stable]
148 ** No changes since release candidate 1.5.5.
150 ** API and ABI modifications.
151 No changes since last version.
153 * Version 1.5.5 (released 2010-12-09) [beta]
155 ** API and ABI modifications.
156 No changes since last version.
158 * Version 1.5.4 (released 2010-11-14) [beta]
160 ** SCRAM-SHA-1-PLUS: Fix parsing bug causing memory corruption.
162 ** SCRAM: Fix memory leaks.
164 ** Update gnulib files.
166 ** API and ABI modifications.
167 No changes since last version.
169 * Version 1.5.3 (released 2010-11-14) [beta]
171 ** libgsasl: Added property for tls-unique channel binding.
172 The new property GSASL_CB_TLS_UNIQUE takes a base64 encoded tls-unique
173 channel binding. New error code GSASL_NO_CB_TLS_UNIQUE is returned
174 when application fails to provide a channel binding and the mechanism
175 requires it (i.e., in a PLUS server).
177 ** SCRAM: Added support for SCRAM-SHA-1-PLUS with channel bindings.
179 ** API and ABI modifications.
180 GSASL_CB_TLS_UNIQUE: ADDED.
181 GSASL_NO_CB_TLS_UNIQUE: ADDED.
183 * Version 1.5.2 (released 2010-09-27) [beta]
185 ** GSSAPI/GS2-KRB5: Support for MIT Kerberos for Windows GSS-API library.
187 ** SCRAM server: Compare c= field in client-final to match client-first.
188 Before our server did not verify that the channel binding and
189 authorization identity fields weren't tampered with. Reported by Marc
190 Santamaria <asgarath@gmail.com>.
192 ** SCRAM server: Interop against clients that supports channel bindings.
193 Before our server would refuse such connections. Reported by Marc
194 Santamaria <asgarath@gmail.com>.
196 ** Update gnulib files.
198 ** API and ABI modifications.
199 No changes since last version.
201 * Version 1.5.1 (released 2010-04-21) [beta]
203 ** libgsasl: No longer require the same or newer libgcrypt it was built with.
204 Before libgsasl refused to work if it was used with a libgcrypt shared
205 library that was older than the version that libgsasl was built with.
207 ** GS2: Fix decoding of invalid data in server. Code review fixes.
209 ** Update gnulib files.
211 ** API and ABI modifications.
212 No changes since last version.
214 * Version 1.5.0 (released 2010-03-31) [beta]
216 ** GS2-KRB5: New mechanism GS2 with support for Kerberos V5.
217 The supported GSS-API implementations are GNU GSS, MIT Kerberos or
218 Heimdal. The GS2-KRB5-PLUS variant with TLS channel bindings is not
219 supported. GNU GSS version 1.0.0 or later is required.
221 ** DIGEST-MD5: The server code now returns GSASL_OK after the final token.
223 ** New error codes for GSS-API library errors (used by GS2).
224 The error codes are GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR,
225 GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR,
226 GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR,
227 GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR, and
228 GSASL_GSSAPI_RELEASE_OID_SET_ERROR.
230 ** API and ABI modifications.
231 GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR: ADDED.
232 GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR: ADDED.
233 GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR: ADDED.
234 GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR: ADDED.
235 GSASL_GSSAPI_RELEASE_OID_SET_ERROR: ADDED.
237 * Version 1.4.4 (released 2010-03-25) [stable]
239 ** SCRAM: Fix build error on platforms without strnlen.
241 ** API and ABI modifications.
242 No changes since last version.
244 * Version 1.4.3 (released 2010-03-25) [stable]
246 ** SCRAM: Don't read out of bounds when parsing tokens.
248 ** API and ABI modifications.
249 No changes since last version.
251 * Version 1.4.2 (released 2010-03-15) [stable]
253 ** SCRAM: Encode and decode username/authzid properly.
254 Before any username/authzid that contained '=' or ',' would not work.
256 ** Fix typo in error message for GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR.
258 ** i18n: Updated translations.
260 ** API and ABI modifications.
261 No changes since last version.
263 * Version 1.4.1 (released 2010-02-16) [stable]
265 ** API and ABI modifications.
266 No changes since last version.
268 * Version 1.4.0 (released 2009-11-17) [stable]
270 ** No changes since 1.3.91 release candidate.
272 ** API and ABI modifications.
273 No changes since last version.
275 * Version 1.3.91 (released 2009-11-06) [experimental]
277 ** Fix Visual Studio project files to work with SCRAM.
278 Suggested by Lothar May <lothar.imap@googlemail.com> in
279 <http://thread.gmane.org/gmane.comp.gnu.gsasl.general/254>.
281 ** API and ABI modifications.
282 No changes since last version.
284 * Version 1.3.90 (released 2009-11-06) [experimental]
286 ** libgsasl: Properly increment libtool version to reflect newly added ABIs.
287 This was accidentally forgotten in the last release.
289 ** libgsasl: Export gsasl_sha1 and gsasl_hmac_sha1 in linker version script.
290 This was accidentally forgotten in the last release.
292 ** libgsasl: Fix crash in SCRAM-SHA-1 client when the application provides
293 ** a value for GSASL_SCRAM_SALTED_PASSWORD.
295 ** libgsasl: Fix detection of libgcrypt during builds.
296 Before libgcrypt was not detected and used by default unless you
297 supplied --with-libgcrypt.
299 ** i18n: Added Finnish translation.
300 Thanks to Jorma Karvonen <karvonen.jorma@gmail.com>.
302 ** i18n: Updated Vietnamese translation.
303 Thanks to Clytie Siddall <clytie@riverland.net.au>.
305 ** API and ABI modifications.
306 No changes since last version.
308 * Version 1.3 (released 2009-10-08)
310 ** libgsasl: Implement SCRAM-SHA-1.
311 New properties are GSASL_SCRAM_ITER, GSASL_SCRAM_SALT, and
312 GSASL_SCRAM_SALTED_PASSWORD.
314 ** libgsasl: Add helper APIs for SHA-1 and HMAC-SHA-1.
315 New functions are gsasl_sha1 and gsasl_hmac_sha1.
317 ** API and ABI modifications.
318 GSASL_SCRAM_ITER: ADDED.
319 GSASL_SCRAM_SALT: ADDED.
320 GSASL_SCRAM_SALTED_PASSWORD: ADDED.
322 gsasl_hmac_sha1: ADDED.
324 * Version 1.2 (released 2009-06-13)
326 ** libgsasl: The library needs at most around 250 bytes of stack frame size.
327 This is useful for embedded platforms with limited amount of RAM.
328 Some functions that required a large stack has been rewritten, in
329 order to achieve this goal. The 250 byte limit is now part of the
330 regression test suite, so hopefully no function will ever require more
331 than that amount of stack space in the future.
333 ** libgsasl: Obsolete gsasl_md5pwd_get_password rewritten to use modern API.
335 ** Include a copy of the GPLv3 license in the archive.
336 Some parts, such as the gnulib self-tests, are licensed under the
337 GPLv3. The library remains licensed under LGPLv2.1+ though. Reported
338 by Vincent Untz <vuntz@opensuse.org> in
339 <http://permalink.gmane.org/gmane.comp.gnu.gsasl.general/225>.
341 ** API and ABI modifications.
342 No changes since last version.
344 * Version 1.1 (released 2009-03-25)
346 ** DIGEST-MD5 client: Add support for client integrity layer.
347 The layer is not used by default, the application needs to request it
348 specifically in a callback or by setting the GSASL_QOP property.
350 ** DIGEST-MD5: Decoding of integrity protected sessions now works better.
351 Reported by Andery Melnikov <temnota.am@gmail.com>.
353 ** libgsasl: Add new property GSASL_QOPS.
354 The DIGEST-MD5 server query for this property to get the set of
355 quality of protection (QOP) values to advertise. The property holds
356 strings with comma separated keywords denoting the set of qops to use,
357 for example "qop-auth, qop-int". Valid keywords are "qop-auth",
358 "qop-int", and "qop-conf". The GSSAPI mechanism may be enhanced to
359 use this property as well in the future.
361 ** libgsasl: Add new property GSASL_QOP.
362 The DIGEST-MD5 client query for this property to get the quality of
363 protection (QOP) values to request. The property value is one of the
364 keywords for GSASL_QOPS. The client must chose one of the QOP values
365 offered by the server (which may be inspected through the GSASL_QOPS
366 property). The GSSAPI mechanism may be enhanced to use this property
367 as well in the future.
369 ** DIGEST-MD5 client: Now queries application for QOP value
370 This makes it possible for client applications to request support for
371 authentication only and/or authentication plus integrity. Before, the
372 client only supported authentication. Note that confidentiality is
373 not supported, and if you request it you will get an error.
375 ** DIGEST-MD5 server: Now queries application for QOP values.
376 This makes it possible for server applications to influence whether to
377 advertise support for authentication only and/or authentication plus
378 integrity. Before, the server unconditionally advertised support for
379 both. Note that confidentiality is not supported, and if you request
380 it you will get an error. Suggested by Andery Melnikov
381 <temnota.am@gmail.com>.
383 ** DIGEST-MD5 server: No longer advertises support for integrity by default.
384 You can request it specifically through a callback or setting the
387 ** libgsasl: Added C pre-processor expressions for version handling.
388 The new symbols GSASL_VERSION_MAJOR, GSASL_VERSION_MINOR,
389 GSASL_VERSION_PATCH, and GSASL_VERSION_NUMBER can be used in numeric
390 comparisons to test version level.
392 ** libgsasl: Use a LD version script on platforms where it is supported.
393 Currently only GNU LD and the Solaris linker supports it. This helps
394 Debian package tools to produce better dependencies. Before we used
395 Libtool -export-symbols-regex that created an anonymous version tag.
396 We use -export-symbols-regex when the system does not support LD
397 version scripts, but that only affect symbol visibility.
399 ** libgsasl: Compiled with -fvisibility=hidden by default if supported.
400 Currently only GCC supports it for ELF targets. This hides internal
401 symbols and has other advantages, see
402 <http://gcc.gnu.org/wiki/Visibility>.
404 ** API and ABI modifications.
405 GSASL_VERSION_MAJOR: ADDED
406 GSASL_VERSION_MINOR: ADDED
407 GSASL_VERSION_PATCH: ADDED
408 GSASL_VERSION_NUMBER: ADDED
412 * Version 1.0 (released 2009-01-23)
414 ** Fix several compiler warnings.
416 ** Update gnulib files.
418 ** API and ABI modifications.
419 No changes since last version.
421 * Version 0.2.29 (released 2008-10-21)
423 ** DIGEST-MD5 server: Added callback to retrieve hashed secret.
424 The callback is GSASL_DIGEST_MD5_HASHED_PASSWORD. Patch from "Gazsó
425 Attila" <agazso@gmail.com>.
427 ** DIGEST-MD5 server: Convert realm from ISO 8859-1 to UTF-8 when needed.
428 Reported by Adam Goode <adam@spicenitz.org>.
430 ** libgsasl: Add function to print name of error codes.
431 For example, gsasl_strerror_name(GSASL_OK) returns "GSASL_OK".
433 ** libgsasl: Reduce complexity of gsasl_strerror.
435 ** libgsasl: Obsolete base64 functions rewritten to use new functions.
436 The old functions are gsasl_base64_encode and gsasl_base64_decode.
437 This reduces size of the library somewhat.
439 ** Make the library compile under MinGW again.
441 ** Added Indonesian translation.
442 Thanks to Andhika Padmawan <andhika.padmawan@gmail.com>.
444 ** Perl is no longer required to build Libgsasl in Visual Studio.
446 ** Fix several compiler warnings.
448 ** API and ABI modifications.
449 gsasl_strerror_name: ADDED
451 * Version 0.2.28 (released 2008-08-20)
453 ** New function to get mechanism name used in current session.
454 The function is gsasl_mechanism_name.
456 ** The library can be built using Visual Studio.
457 Patches provided by Adam Strzelecki <ono@java.pl>. See the manual,
458 section 'Installing under Windows', for more information.
460 ** Update gnulib files.
461 Under Windows, the randomness functions will now prefer the Intel RND
462 crypto provider. CryptAcquireContext is now invoked with the
463 CRYPT_VERIFY_CONTEXT parameter.
465 ** API and ABI modifications.
466 gsasl_mechanism_name: ADD.
468 * Version 0.2.27 (released 2008-07-01)
470 ** DIGEST-MD5: Fix undefined symbol "utf8tolatin1ifpossible".
471 This happened if --disable-server is used. Reported by Martin Lambers
474 ** Update gnulib files, and include gnulib self-tests.
476 ** Update translations.
478 ** API and ABI modifications.
479 No changes since last version.
481 * Version 0.2.26 (released 2008-05-05)
483 ** Translations files not stored directly in git to avoid merge conflicts.
484 This allows us to avoid use of --no-location which makes the
485 translation teams happier.
487 ** DIGEST-MD5 server: don't reject authentication if client doesn't use utf-8.
488 Before, authentication from all non-UTF-8 clients were simply
489 rejected. When this situation occurs now, the username is translated
490 into UTF-8 before being passed on to applications. Further, the
491 password retrieved from the application is converted from UTF-8 to
492 ISO-8859-1 if that is possible.
494 Reported by marty <marty@ice.org> in
495 <http://lists.gnu.org/archive/html/help-gsasl/2008-03/msg00002.html>.
496 See also <http://jabberd2.xiaoka.com/ticket/200> and
497 <http://developer.pidgin.im/ticket/5213>. Thanks to Pawel Widera
498 <momat@man.poznan.pl> for testing and fixing a silly typo in the code
499 that prevented it from working.
501 ** DIGEST-MD5 client: convert password from UTF-8 to ISO-8859-1 before hash.
502 For compatibility with server.
504 ** API and ABI modifications.
505 No changes since last version.
507 * Version 0.2.25 (released 2008-03-10)
509 ** Fix non-portable use of brace expansion in makefiles.
511 ** Documentation improvements.
513 ** API and ABI modifications.
514 No changes since last version.
516 * Version 0.2.24 (released 2008-01-15)
518 ** When libgcrypt is used, disable secure memory to make things work.
520 ** When built under MinGW, generate a libgsasl-XX.def using -Wl,--output-def.
522 ** API and ABI modifications.
523 No changes since last version.
525 * Version 0.2.23 (released 2008-01-15)
527 ** CRAM-MD5: Check return value from gc_nonce(). (SECURITY)
528 If GNU SASL was not built against libgcrypt, and the
529 --enable-nonce-device device file did not exist, building libgsasl
530 would warn you but would continue. Further, the code in CRAM-MD5 to
531 generate a challenge would not generate a new nonce each time, so
532 depending on what's stored on the stack, you may get the same
533 challenge each time. The function should have checked the return
534 value from gc_nonce(). Reported by "Daniel Armyr" <daniel@armyr.se>.
538 ** Update gnulib files.
540 ** API and ABI modifications.
541 No changes since last version.
543 * Version 0.2.22 (released 2007-10-08)
545 ** Update gnulib files.
547 ** API and ABI modifications.
548 No changes since last version.
550 * Version 0.2.21 (released 2007-08-22)
552 ** DIGEST-MD5: Remove the extra leading, trailing, and intermediate commas.
553 Patch from James Canete <jcanete01@shaw.ca>.
555 ** API and ABI modifications.
556 No changes since last version.
558 * Version 0.2.20 (released 2007-08-11)
560 ** Correctly increment the shared library version.
561 I forgot to increment it in the last release, to indicate that a new
564 ** If GSS-API and GS2 are disabled, don't bother linking to a GSS-API library.
565 Reported by Maxim Britov <maxim.britov@gmail.com>.
567 ** Update gnulib files.
569 ** API and ABI modifications.
570 No changes since last version.
572 * Version 0.2.19 (released 2007-07-09)
574 ** New API gsasl_free to release memory allocated by other functions.
575 This is useful on Windows where libgsasl uses one CRT and the
576 application uses another CRT. Then malloc/free will not use the same
577 heap. This happens if you build libgsasl using mingw32 and the
578 application with Visual Studio. Suggested by Adam Strzelecki
581 ** Update gnulib files.
583 ** API and ABI modifications.
586 * Version 0.2.18 (released 2007-06-07)
588 ** Update gnulib files.
589 Fixes cross-compilation to uClinux.
591 ** API and ABI modifications.
592 No changes since last version.
594 * Version 0.2.17 (released 2007-06-01)
596 ** GNU SASL is now developed using Git instead of CVS.
597 A public git mirror is available from <http://repo.or.cz/w/gsasl.git>.
599 ** Update gnulib files.
601 ** API and ABI modifications.
602 No changes since last version.
604 * Version 0.2.16 (released 2007-04-20)
606 ** Translation updates.
608 ** Fix gsasl_check_version logic.
610 ** Now uses autoconf 2.61, automake 1.10, gettext 0.16.1.
612 ** API and ABI modifications.
613 No changes since last version.
615 * Version 0.2.15 (released 2006-08-22)
617 ** Changed libgsasl shared library version.
618 The shared library version was not incremented correctly in the last
619 release, even though new APIs were added.
621 * Version 0.2.14 (released 2006-08-19)
623 ** New functions to set per-session application hooks.
624 Earlier only the global functions gsasl_callback_hook_set and
625 gsasl_callback_hook_set were available, but with the new
626 gsasl_session_hook_set and gsasl_session_hook_get, it is possible to
627 store and retrieve per-session specific data. This simplifies
628 callback handling in applications. Suggested by James Mansion.
630 The new function supersede the gsasl_client_application_data_get,
631 gsasl_client_application_data_set, gsasl_server_application_data_get,
632 and gsasl_server_application_data_set functions in the obsolete API.
634 ** API and ABI modifications.
635 gsasl_session_hook_get,
636 gsasl_session_hook_set: ADD.
638 * Version 0.2.13 (released 2006-06-14)
640 ** Update of gnulib files.
641 Further improves portability to MinGW.
643 ** Fix memory leak in gsasl_client_listmech and gsasl_server_listmech.
645 ** Configure fixes, for portability.
647 ** API and ABI modifications.
648 No changes since last version.
650 * Version 0.2.12 (released 2006-03-08)
652 ** Add -no-undefined to libtool command, to build DLL and import library on Mingw32.
653 Reported by Francis Brosnan Blazquez <francis@aspl.es>.
655 ** Improved validation of received strings in the DIGEST-MD5 parser.
657 ** Enable fixed self-test of DIGEST-MD5 parser.
659 ** Update of gnulib files.
661 ** API and ABI modifications.
662 No changes since last version.
664 * Version 0.2.11 (released 2006-02-07)
666 ** Ported to Windows by cross-compiling using Mingw32.
667 Using Debian's mingw32 compiler, you can build it for Windows by invoking
668 `./configure --host=i586-mingw32msvc --disable-gssapi'.
670 ** Fix memory leak in gsasl_simple_getpass.
672 ** Update of gnulib files.
674 ** API and ABI modifications.
675 No changes since last version.
677 * Version 0.2.10 (released 2005-10-23)
679 ** Improve configure checks for libidn, libntlm, libgss and libshishi presence.
681 ** Update of gnulib files, now includes self tests.
683 ** API and ABI modifications.
684 No changes since last version.
686 * Version 0.2.9 (released 2005-10-07)
688 ** Fix build error with some compilers in GSS-API mechanism.
690 ** Gnulib is now used for crypto functions, instead of Nettle in crypto/.
691 Libgcrypt can still optionally be used through --with-libgcrypt.
693 ** API and ABI modifications.
694 No changes since last version.
696 * Version 0.2.8 (released 2005-09-08)
698 ** The PLAIN mechanism is preferred over LOGIN when both are available.
700 ** Improved checking for libidn when the system need -R, -rpath or similar.
702 ** API and ABI modifications.
703 No changes since last version.
705 * Version 0.2.7 (released 2005-08-25)
707 ** Fixed bug in GNU SASL 0.1.x.backwards compatibility code in the
708 ** callback for GSASL_PASSWORD.
710 ** Eliminated some compiler warnings.
712 ** API and ABI modifications.
713 No changes since last version.
715 * Version 0.2.6 (released 2005-08-10)
717 ** The SASL PLAIN server now permit unassigned code points in SASLprep.
718 This aligns with draft-ietf-sasl-plain-08.txt which is in last call.
720 ** Fix use of 'head -1' in configure script.
721 Replaced with more portable and compliant command 'sed 1q', thanks to
724 ** The macro AX_CREATE_STDINT_H used to find uint8_t, uint32_t etc was updated.
725 Should only be relevant if you use Nettle rather than libgcrypt.
727 ** The license template in files were updated with the new FSF address.
729 ** gsasl_check_version simplified and made more robust.
731 ** Update of gnulib files.
733 ** API and ABI modifications.
734 No changes since last version.
736 * Version 0.2.5 (released 2005-02-08)
738 ** Strings that trigger the Unicode NFKC bug in PR#29 are now rejected.
739 This is only enabled if you use Libidn 0.5.0 or later.
741 ** ANONYMOUS server reject empty and overlong tokens.
743 ** EXTERNAL client now return empty data instead of NULL for empty authzid.
745 ** Typos in gsasl_strerror() messages fixed, thanks to Clytie Siddall.
747 ** API and ABI modifications.
748 No changes since last version.
750 * Version 0.2.4 (released 2005-01-01)
752 ** The CRAM-MD5 mechanism is now preferred over DIGEST-MD5.
753 This decision was based on recent public research that suggest MD5 is
754 broken, while HMAC-MD5 not immediately compromised, and the lack of
755 public analysis on what consequences the MD5 break have for
756 DIGEST-MD5. Support for CRAM-SHA1 is under investigation, to enable
757 users to avoid MD5 completely
759 ** The DIGEST-MD5 mechanism is rewritten and enabled by default.
760 The implementation is written so it can be used separately from GNU
761 SASL in your own product, it only uses C89 and two external symbols
762 for MD5 and HMAC-MD5. For more information, see digest-md5/README.
764 ** Improvements to the PLAIN server.
765 It now prepare the incoming authid and password using SASLprep
766 (unassigned code point will be rejected). It should also reject
767 invalid input better.
769 ** Improved robustness of callback backwards compatibility.
771 ** Memory leaks fixed.
773 ** New simple user database API `gsasl_simple_getpass'.
774 This replaces gsasl_md5pwd_get_password. The functionality is the
775 same, only the API changed (to remove fixed size buffer restrictions).
777 ** New configure option --disable-obsolete to remove backwards compatibility.
778 This is mostly intended to be used when compiling for platforms with
779 constrained memory/space resources.
781 ** Gnulib files were updated.
783 ** API and ABI modifications.
784 gsasl_md5pwd_get_password: DEPRECATED. Use gsasl_simple_getpass() instead.
785 gsasl_simple_getpass: ADD. No buffer length restriction.
786 GSASL_FOPEN_ERROR: DEPRECATED. Not used any more.
787 GSASL_FCLOSE_ERROR: DEPRECATED. Not used any more.
788 GSASL_NO_MORE_REALMS: DEPRECATED. Not used any more.
789 GSASL_INVALID_HANDLE: DEPRECATED. Not used any more.
791 * Version 0.2.3 (released 2004-12-15)
793 ** NTLM now set the 'domain' field to the GSASL_REALM property value.
794 Some servers appear to need non-empty but arbitrary domain values,
795 reported by Martin Lambers.
797 ** PLAIN client no longer perform NFKC on strings.
798 This aligns with draft-ietf-sasl-plain-05.
800 ** LOGIN client no longer perform NFKC on strings.
801 There is no specification for LOGIN, but arguable it should use
802 SASLprep, but on the server side.
804 ** DIGEST-MD5 is disabled by default, pending a rewrite for the new API.
805 The mechanism still work if your application is using the old callback
806 API, in which case you may enable it (--enable-digest-md5) to have the
807 same functionality as in older versions.
809 ** LOGIN client now uses authentication identity, not authorization identity,
810 reported by Martin Lambers.
812 ** PLAIN client now work when no authorization identity is provided,
813 reported by Martin Lambers.
815 ** Callback backwards compatibility improved, thanks to Sergey Poznyakoff.
816 The GSASL_VALIDATE_SIMPLE and GSASL_PASSWORD are now translated into
817 calls to gsasl_server_callback_validate_get() and
818 gsasl_server_callback_retrieve_get(), respectively.
820 ** A crash in the new base64 code was fixed.
822 ** Use of SASLprep in CRAM-MD5 changed.
823 The client now prepare authid/password as if they were query strings.
824 The server prepare the password as a storage string.
826 ** The shared library version was incremented to reflect that the base64 APIs
827 were added, this was forgotten in the last release.
829 ** Disabling Libidn/SASLprep should now result in a RFC 2222 compliant library.
830 However, it will reject non-ASCII strings, since the handling of those
831 strings was not specified in RFC 2222.
833 ** API and ABI modifications.
834 gsasl_stringprep_nfkc, gsasl_stringprep_saslprep,
835 gsasl_stringprep_trace: DEPRECATED. Use gsasl_saslprep() instead.
837 Gsasl_saslprep_flags: ADD. New enum type to go with gsasl_saslprep.
838 GSASL_REALM: ADD, new property.
839 GSASL_UNICODE_NORMALIZATION_ERROR: DEPRECATED. Use
840 GSASL_SASLPREP_ERROR instead.
841 GSASL_CANNOT_VALIDATE: REMOVED. Never used for any reasonable purpose.
843 * Version 0.2.2 (released 2004-11-29)
845 ** Fix memory leak in server-side CRAM-MD5.
847 ** Fix read out of bound error in client-side CRAM-MD5.
849 ** Tighten the base64 decoder, will not accept white space in input.
851 ** Documentation fixes.
853 ** API and ABI modifications.
854 gsasl_base64_encode, gsasl_base64_decode: DEPRECATED.
855 gsasl_base64_to, gsasl_base64_from: NEW. Allocates the output buffer.
857 * Version 0.2.1 (released 2004-11-19)
859 ** Fix DIGEST-MD5 application data encode/decode functions.
861 ** Documentation fixes; the old callback API functions are marked as obsolete.
863 ** API and ABI modifications.
864 No changes since last version.
866 * Version 0.2.0 (released 2004-11-07)
868 ** Important information for 0.0.x or 0.1.x users.
869 The only externally visible (i.e., in the API/ABI-sense) effect of the
870 internal changes made in this version is that GSASL_ENCODE and
871 GSASL_DECODE have been renamed to, respectively, GSASL_ENCODE_INLINE
872 and GSASL_DECODE_INLINE, and that the original functions have been
873 modified to allocate the output buffer. The GSASL_??CODE_INLINE
874 functions were added to simplify upgrading existing applications. We
875 regret breaking backwards compatibility, but we felt it was necessary
878 ** The EXTERNAL mechanism now support authorization identities.
880 ** Major internal overhaul.
881 This was done to get rid of all fixed size buffers, and to clean up
882 the callback interface. Now, all functions that return data of
883 non-fixed size will allocate the output, and the caller is responsible
884 for deallocating the data. Further, the callback interface has been
885 simplified, from having one callback function per data item. There is
886 now only one callback function, that receive an enumerated integer
887 type indicating the requested operation.
889 ** Update of generic crypto layer.
891 ** Now possible to add a new SASL mechanism during run-time.
892 Implement the Gsasl_*_function interfaces, populate a Gsasl_mechanism
893 struct with name of SASL mechanism and the function pointers, and call
894 gsasl_register to register your new mechanism. The library will now
895 offer and use your mechanism. The internal mechanisms use the same
896 interface. This is the first step toward a dynamic dl_open()
899 ** A few memory leaks fixed.
901 ** Translation fixes.
903 ** Libtool's -export-symbols-regex is now used to only export official APIs.
904 Before, applications might accidentally access internal functions.
905 Note that this is not supported on all platforms, so you must still
906 make sure you are not using undocumented symbols in Libgsasl.
908 ** API and ABI modifications.
909 The only non-backwards compatible change is for gsasl_encode and
910 gsasl_decode, see above. The library is both source and binary
911 backwards compatible otherwise, although some functions have been
912 deprecated in favor of new functions.
914 gsasl_encode, gsasl_decode: MODIFIED. Now allocate the output parameter.
915 gsasl_encode_inline, gsasl_decode_inline: ADD, DEPRECATED.
916 Same as the old gsasl_encode and gsasl_decode, to simplify conversion.
918 gsasl_server_suggest_mechanism: DEPRECATED. This was a thinko, there
919 is never a need for something like this function.
921 Gsasl_callback: ADD. New function prototype.
922 gsasl_callback_set: ADD. New functions.
923 gsasl_callback: ADD. New functions.
924 GSASL_NO_CALLBACK, GSASL_NO_ANONYMOUS_TOKEN: ADD. New error codes.
926 Gsasl_client_callback_anonymous,
927 Gsasl_client_callback_authentication_id,
928 Gsasl_client_callback_authorization_id,
929 Gsasl_client_callback_password,
930 Gsasl_client_callback_passcode,
931 Gsasl_client_callback_pin,
932 Gsasl_client_callback_service,
933 Gsasl_client_callback_qop,
934 Gsasl_client_callback_maxbuf,
935 Gsasl_client_callback_realm,
936 Gsasl_server_callback_retrieve,
937 Gsasl_server_callback_validate,
938 Gsasl_server_callback_gssapi,
939 Gsasl_server_callback_securid,
940 Gsasl_server_callback_cram_md5,
941 Gsasl_server_callback_digest_md5,
942 Gsasl_server_callback_service,
943 Gsasl_server_callback_external,
944 Gsasl_server_callback_anonymous,
945 Gsasl_server_callback_realm,
946 Gsasl_server_callback_qop,
947 Gsasl_server_callback_maxbuf,
948 Gsasl_server_callback_cipher: DEPRECATED. Old callback function prototypes.
949 gsasl_client_callback_*,
950 gsasl_server_callback_*: DEPRECATED. Old callback set/get interface.
952 Gsasl_property, GSASL_CLIENT_*, GSASL_SERVER_*: ADD. New enumerated type.
953 gsasl_property_set, gsasl_property_set_raw,
954 gsasl_property_get, gsasl_property_fast: ADD. New functions.
956 gsasl_application_data_get, gsasl_application_data_set: DEPRECATED.
957 gsasl_appinfo_get, gsasl_appinfo_set: DEPRECATED.
958 gsasl_callback_hook_get, gsasl_callback_hook_set: ADD. Replaces
961 Gsasl_init_function, Gsasl_done_function, Gsasl_code_function,
962 Gsasl_start_function, Gsasl_step_function, Gsasl_finish_function: ADD.
963 Gsasl_mechanism_functions, Gsasl_mechanism: ADD.
966 gsasl_ctx_get: DEPRECATED. Not useful, application callback now get both
967 library and session context.
969 * Version 0.1.4 (released 2004-08-08)
971 ** Fix various compile time warnings.
973 ** Revamp of gnulib compatibility files.
975 ** More translations.
976 French (by Michel Robitaille), Dutch (by Elros Cyriatan), Polish (by
977 Jakub Bogusz), and Romanian (by Laurentiu Buzdugan).
979 ** API and ABI modifications.
980 No changes since last version.
982 * Version 0.1.3 (released 2004-08-04)
984 ** API and ABI modifications.
985 No changes since last version.
987 * Version 0.1.2 (released 2004-07-16)
989 ** Cross compile builds should work.
990 It should work for any sane cross compile target, but the only tested
991 platform is uClibc/uClinux on Motorola Coldfire.
993 ** API and ABI modifications.
994 No changes since last version.
996 * Version 0.1.1 (released 2004-06-26)
998 ** gsasl_client_suggest_mechanism and gsasl_server_suggest_mechanism now work.
999 Earlier they were not implemented at all.
1001 ** GSS-API now support data integrity and privacy options (experimental!).
1003 ** Internal crypto framework rehashed.
1004 Now the selection between Nettle/Libgcrypt happens inside crypto/, and
1005 gc.h is the generic header that is used by the rest of the package.
1007 ** API and ABI modifications.
1010 gsasl_randomize: DEPRECATED. Use either gsasl_random or gsasl_nonce.
1012 * Version 0.1.0 (released 2004-04-16)
1014 ** The library re-licensed to LGPL and distributed as a separate package.
1015 This means a fork of this NEWS file, all the entries below relate to
1016 the combined work of earlier versions. New entries above only
1017 document user visible aspects of the library ("libgsasl"); for
1018 information about the command line interface and other things
1019 ("gsasl") see the NEWS file in the gsasl distribution. To make
1020 matters more confusing, the "gsasl" distribution includes a copy of
1021 the "libgsasl" distribution.
1023 ** API and ABI modifications.
1024 No changes since last version.
1026 * Version 0.0.14 (released 2004-01-22)
1028 ** Moved all mechanism specific code into sub-directories of lib/.
1029 Each backend is built into its own library (e.g., libgsasl-plain.so),
1030 to facilitate future possible use of dlopen to dynamically load
1033 ** Moved compatibility files (getopt*) to gl/, and added more (strdup*).
1035 * Version 0.0.13 (released 2004-01-17)
1037 ** Nettle (the crypto functionality, crypto/) has been updated.
1038 This fixes two portability issues, the new code should work on
1039 platforms that doesn't have inttypes.h and alloca.
1041 * Version 0.0.12 (released 2004-01-15)
1043 ** Protocol line parser in 'gsasl' tool more reliable.
1044 Earlier it assumed two lines were sent in one packet in one place, and
1045 sent as two packets in another place.
1047 ** Various bugfixes.
1049 * Version 0.0.11 (released 2004-01-06)
1051 ** The client part of CRAM-MD5 now uses SASLprep instead of NFKC.
1052 This aligns with draft-ietf-sasl-crammd5-01.
1054 ** The CRAM-MD5 challenge string now conform to the proper syntax.
1056 ** The string preparation (SASLprep and trace) functions now work correctly.
1058 ** DocBook manuals no longer included.
1059 The reason is that recent DocBook tools from the distribution I use
1060 (Debian) fails with an error. DocBook manuals may be included in the
1061 future, if I can get the tools to work.
1063 ** API and ABI modifications.
1064 GSASL_SASLPREP_ERROR: ADD.
1066 * Version 0.0.10 (released 2003-11-22)
1068 ** The CRAM-MD5 server now reject invalid passwords.
1069 The logic flaw was introduced in 0.0.9, after blindly making code
1070 changes to shut up valgrind just before the release.
1072 ** Various build improvements.
1073 Pkg-config is no longer needed. GTK-DOC is only used if present.
1075 * Version 0.0.9 (released 2003-11-21)
1077 ** Command line client can talk to SMTP servers with --smtp.
1079 ** DocBook manuals in XML, PDF, PostScript, ASCII and HTML formats included.
1081 ** Token parser in DIGEST-MD5 fixed, improve interoperability of DIGEST-MD5.
1083 ** Libgcrypt >= 1.1.42 is used if available (for CRAM-MD5 and DIGEST-MD5).
1084 The previous libgcrypt API is no longer supported.
1086 ** CRAM-MD5 and DIGEST-MD5 no longer require libgcrypt (but can still use it).
1087 If libgcrypt 1.1.42 or later is not found, it uses a minimalistic
1088 cryptographic library based on Nettle, from crypto/. Currently only
1089 MD5 and HMAC-MD5 is needed, making a dependence on libgcrypt overkill.
1091 ** Listing supported server mechanisms with gsasl_server_mechlist work.
1093 ** Autoconf 2.59, Automake 1.8 beta, Libtool CVS used.
1095 ** Source code for each SASL mechanism moved to its own sub-directory in lib/.
1097 ** The command line interface now uses getopt instead of argp.
1098 The reason is portability, this also means we no longer use gnulib.
1100 ** API and ABI modifications.
1101 gsasl_randomize: ADD.
1103 gsasl_hmac_md5: ADD.
1105 gsasl_hexdump: REMOVED. Never intended to be exported.
1109 gsasl_client_step: DEPRECATED: use gsasl_step instead.
1110 gsasl_server_step: DEPRECATED: use gsasl_step instead.
1111 gsasl_client_step_base64: DEPRECATED: use gsasl_step64 instead.
1112 gsasl_server_step_base64: DEPRECATED: use gsasl_step64 instead.
1115 gsasl_client_finish: DEPRECATED: use gsasl_finish instead.
1116 gsasl_server_finish: DEPRECATED: use gsasl_finish instead.
1119 gsasl_client_ctx_get: DEPRECATED: use gsasl_ctx_get instead.
1120 gsasl_server_ctx_get: DEPRECATED: use gsasl_ctx_get instead.
1122 gsasl_appinfo_get: ADD.
1123 gsasl_appinfo_set: ADD.
1124 gsasl_client_application_data_get: DEPRECATED: use gsasl_appinfo_get instead.
1125 gsasl_client_application_data_set: DEPRECATED: use gsasl_appinfo_set instead.
1126 gsasl_server_application_data_get: DEPRECATED: use gsasl_appinfo_get instead.
1127 gsasl_server_application_data_set: DEPRECATED: use gsasl_appinfo_set instead.
1130 Gsasl_ctx: DEPRECATED: use Gsasl instead.
1132 Gsasl_session_ctx: DEPRECATED: use Gsasl_session instead.
1134 GSASL_CRYPTO_ERROR: ADD, replaces deprecated GSASL_LIBGCRYPT_ERROR.
1135 GSASL_LIBGCRYPT_ERROR: DEPRECATED: use GSASL_CRYPTO_ERROR instead.
1137 GSASL_KERBEROS_V5_INTERNAL_ERROR: ADD, replaces deprecated GSASL_SHISHI_ERROR.
1138 GSASL_SHISHI_ERROR: DEPRECATED: use GSASL_KERBEROS_V5_INTERNAL_ERROR instead.
1140 GSASL_INVALID_HANDLE: ADD.
1142 * Version 0.0.8 (released 2003-10-11)
1144 ** Improved GSSAPI implementation detection.
1145 Auto detection should work, unless you have both MIT and Heimdal, or
1146 wish to override the default that prefer GSS over Heimdal over MIT.
1147 In that case, use --enable-gssapi=mit or --enable-gssapi=heimdal.
1149 ** GNU SASL contain APIs for internationalized string processing via SASLprep.
1150 You no longer have to use Libidn directly.
1152 ** Man pages for all public functions are included.
1154 ** GNULib is used for compatibility functions.
1155 The directory gl/ is dedicated for GNULib functions, and replace the
1156 earlier ad-hoc usage of argp, memset, etc.
1158 ** GNU SASL will be C89 compatible.
1159 The library itself (lib/*) only use C89. The remaining parts (src/
1160 and tests/) can use C89 and any functionality from GNULib. This
1161 decision may be revised in the future, if it turns out there are
1164 ** Improvements for embedded or otherwise limited systems.
1165 The math library (-lm) is no longer required. All client code can be
1166 disabled by --disable-client, and all server code can be disabled by
1167 --disable-server. The internationalized string processing library can
1168 be disabled by --without-stringprep.
1170 ** Gettext 0.12.1 and Libtool 1.5 is used.
1172 ** Libgcrypt from CVS (1.1.42) is not supported.
1173 Recent libgcrypt is API incompatible with earlier released versions.
1174 If a too recent version is installed, it will not be used.
1176 ** Fix command line tool '--connect --imap' on Solaris.
1180 ** API and ABI modifications.
1181 Gsasl_client_callback_maxbuf: CHANGED: 'int' was replaced with 'size_t'.
1182 Gsasl_server_callback_maxbuf: CHANGED: 'int' was replaced with 'size_t'.
1183 gsasl_client_mechlist: NEW.
1184 gsasl_server_mechlist: NEW.
1185 gsasl_client_listmech: DEPRECATED: use gsasl_client_mechlist instead.
1186 gsasl_server_listmech: DEPRECATED: use gsasl_server_mechlist instead.
1187 gsasl_stringprep_nfkc: NEW.
1188 gsasl_stringprep_saslprep: NEW.
1189 gsasl_stringprep_trace: NEW.
1191 * Version 0.0.7 (released 2003-06-02)
1193 ** Two new GSS libraries supported for the GSS-API mechanism.
1194 See http://josefsson.org/gss/ for GSS, which uses Shishi for Kerberos 5.
1195 See http://www.pdc.kth.se/heimdal/ for Heimdal (Kerberos 5).
1199 * Version 0.0.6 (released 2003-03-17)
1201 ** Gettext not included.
1202 Due to some conflicts between libtool and gettext, if you want i18n on
1203 platforms that does not already have a useful gettext implementation,
1204 you must install GNU gettext before building this package. If you
1205 don't care about i18n, this package should work fine (except for i18n,
1208 ** Rudimentary support for KERBEROS_V5.
1209 Only enable if you want to write code. This adds two new API errors;
1210 GSASL_KERBEROS_V5_INIT_ERROR, GSASL_SHISHI_ERROR.
1212 ** Added API function: gsasl_client_callback_realm_set.
1213 Specifies which realm the client belongs to.
1216 User visible aspects includes not building the API Reference Manual
1217 with GTK-DOC by default, if you want it use configure parameter
1220 * Version 0.0.5 (released 2003-01-27)
1222 ** Command line application "gsasl" now supports --imap and --connect.
1223 The --imap parameter makes it use a IMAP-like negotiation on
1224 stdin/stdout. The --connect parameter makes it connect to a host over
1225 TCP, and talk to it instead of stdin/stdout. This allows it to be
1226 used as a simple test tool to connect to IMAP servers. Currently
1227 integrity and confidentiality is not working properly, so if you use
1228 DIGEST-MD5 you currently have to specify --quality-of-protection=auth.
1230 ** Texinfo documentation added for command line tool.
1232 ** Libgcrypt initialization no longer causes a warning to be printed.
1234 ** Added API reference manual in HTML format, generated using GTK-DOC.
1235 See doc/reference/, in particular doc/reference/html/index.html.
1237 ** GNU Libidn replaces Libstringprep.
1238 Although it is still stored in the libstringprep/ directory for CVS
1241 ** Bug fixes for DIGEST-MD5 and GSSAPI.
1243 * Version 0.0.4 (released 2002-12-13)
1245 ** License changed to GPL.
1247 ** Official GNU project.
1249 * Version 0.0.3 (released 2002-12-05)
1251 ** New gsasl arguments --application-data and --no-client-first.
1253 ** Bug fixes (client sends first, memory leaks, compiler warnings, more).
1255 * Version 0.0.2 (released 2002-11-07)
1257 ** Includes a copy of libstringprep 0.0.2 for Unicode NFKC
1258 normalization and locale charset to UTF-8 string conversion, and
1259 preparation for the future if a SASL Stringprep profile is created.
1260 If libstringprep is already installed, it is used by default. You can
1261 force the use of the internal version with
1262 --without-system-libstringprep.
1264 ** Uses pkg-config instead of libgsasl.m4 + libgsasl-config.in, and
1265 for finding libntlm (requires libntlm 0.3.1 or later).
1267 ** Self tests for several mechanisms.
1269 ** The API now allows mechanisms to return data even when returning
1270 GSASL_OK (earlier only on GSASL_NEEDS_MORE).
1274 * Version 0.0.1 (released 2002-10-12)
1276 ** APIs for integrity and confidentiality protection of application
1279 ** DIGEST-MD5 support for integrity protection.
1281 * Version 0.0.0 (released 2002-10-07)
1285 ----------------------------------------------------------------------
1286 Copying and distribution of this file, with or without modification,
1287 are permitted in any medium without royalty provided the copyright
1288 notice and this notice are preserved.
1290 ;;; Local Variables: ***
1291 ;;; mode:outline ***
1292 ;;; mode:flyspell ***